<?php

$pagename=CHANGE_USER;
if (!$admin_area)
	include_once("header_inc.php");

$tplItem=new TplLoad;
if (!$admin_area)
{
	check_valid_user("");
	include_once("member_header.php");	
	$user_id=$_SESSION["valid_user"];
}
$my_items = 1;
$tplMyItems=new TplLoad;
$lBanList = split(",", $set_banlist_users);

$new_name = trim(getParam("new_name","")); 
$vendor_homepage = getParam("vendor_homepage","");  
$new_email = trim(getParam("new_email","")); 	
$hide_email = getParam("hide_email","0"); 	
$emelding = getParam("emelding","0"); 	
$credits = getParam("credits",""); 	


/* Extra fields handling START */
$lFieldArray=getExtraFiltered(1,"",$user_id,$set_language); // Spesify where we are
/* Extra fields handling START */

if (is_array($lFieldArray))
{
	foreach ($lFieldArray as $lKey => $lValue)
	{ 
		if ($lValue["q_question"])
			$lFieldArray[$lKey]["q_question"]=(constant($lValue["q_question"]));
		if ($lValue["q_catdescr"])
			$lFieldArray[$lKey]["q_catdescr"]=(constant($lValue["q_catdescr"]));
		if  ($lValue["q_question"]=="EF_USR_PROVINCIA"){
			$provinciaElegida=$lValue["q_value"];
		}	
	}
}


$tplMyItems->assign("extra_fields_array",$lFieldArray);
$tplMyItems->assign("provincias",getProvincias($provinciaElegida));//

if (is_array($lFieldArray))
{
	$lReturnResultArray=ExtraFieldsInputOperations($lFieldArray);
	$lInsertArray=$lReturnResultArray[0];	// Contains data to be inserted to extra
	$errorMsg=$lReturnResultArray[1]; 		// Contains error messages
}
/* Extra fields handling FINISH */

if (getParam("del_vendor_image",""))
{
	@unlink($set_path . "/images/vendors/". $user_id . ".gif");
	@unlink($set_path . "/images/vendors/". $user_id . ".jpg");
	@unlink($set_path . "/images/vendors/". $user_id . ".png");
	
	q("update $usr_tbl set user_vendor_url='' where user_id=$user_id");
}

if (getParam("submit",""))
{

	addToHistory(12,$user_id,"","");

	if (is_array($_FILES["vendor_url"]))
	{
		@unlink($set_path . "/images/vendors/". $user_id . ".gif");
		@unlink($set_path . "/images/vendors/". $user_id . ".jpg");
		@unlink($set_path . "/images/vendors/". $user_id . ".png");
		
		$FileArray=$_FILES["vendor_url"];
		$SaveAs=$set_path . "/images/vendors/$user_id";
		$MaxSize=10000000;
		$DimensionArray[]=$set_image_size_small;
		$returnValue=uploadImage($FileArray,$SaveAs,1000000,$DimensionArray,"",$set_image_program,1);
		$lFileUploaded=$returnValue[0];
		
	}
 
 
 if (empty($new_name))
	$errorMsg.="<p class=red>$la_error_msg5</p>";
	
 $sql_update="";
 
 
 
if (empty($errorMsg)) 
{

	$_SESSION["user_name"] = strEnc($new_name);
	
	$new_name=strToDb($new_name);
	$lSqlAddon="";
	if ($lFileUploaded!="")
	{
		$vendor_url="http://" . $set_url . "/images/vendors/$lFileUploaded";	
		$lSqlAddon=",user_vendor_url='$vendor_url'";
	}
	$vendor_homepage=strToDb($vendor_homepage);
	$hide_email=strToDb($hide_email);
	$emelding=strToDb($emelding);

	$sql_update = "update $usr_tbl set user_name='$new_name',user_vendor_homepage='$vendor_homepage',user_hide_email='$hide_email',user_newsletter='$emelding' $lSqlAddon $reset where user_id = $user_id";
	$result = q($sql_update);
	
	if ($user_id>0 && $lInsertArray)
		updateSelected($lInsertArray,"",$user_id);
	
	
}
else 
	$tplMyItems->assign("error_update","$errorMsg");

 
 $errorMsg="";
 
 if (!empty($new_email))
 {
 	
 	$result = q ("select user_email from $usr_tbl where user_id=$user_id");
	$row = mysql_fetch_array($result);
	$email = $row["user_email"];
	
 	if ($new_email<>$email)
 	{
		if (validEmail($new_email))
		{
			$lRemoteIP=getRemoteIp();	
			
			if (!empty($lRemoteIP))
				$errorMsg.=ban($lBanList, getRemoteIp()); 
			if (!empty($lEmail))
				$errorMsg.=ban($lBanList, $lEmail); 
				
			$sql = "select * from $usr_tbl where user_email = '$new_email'";
			$res = q($sql);
			$num = mysql_num_rows($res);
			
			$sql_line = "select user_status from $usr_tbl where user_email = '$new_email'";
			$result_line = q ($sql_line);
			$row_line = mysql_fetch_array($result_line);
			$status = $row_line["user_status"];           
				
	
			if ($num>0)
				$errorMsg.="<p class=red>".LA_ERROR_MSG20."</p>";
			elseif ($status == 1)
				$errorMsg.="<p class=red>".LA_BLOCKED_LOGIN."</p>";
			elseif (empty($errorMsg))
			{
				
				$temp_validate=generatePassword(5);
				$lPassTemp=generatePassword(4);
				$sql = "update $usr_tbl set user_email='$new_email',user_pass_plain='$lPassTemp'";
				if ($set_opt_verify)
					$sql.=", user_verify_code='" . $temp_validate ."'";
				$sql.= " where user_id='$user_id'";
				$res = q($sql);
				$lUserID=$user_id;
				
				if ($set_opt_verify)
				{
					$errorMsg.=LA_CONFIRM_EMAIL;
					if (!$admin_area)
					{
						session_destroy();
					}
					$lSql = "select user_status,user_verify_code,user_approved,user_id,user_name,user_email,user_pass_plain from $usr_tbl where user_id = '" . strToDb($lUserID) . "' AND (user_pass_plain <> '' AND user_pass_plain is not null)";
					$lResult = q($lSql);
					$lRow=mysql_fetch_array($lResult);
					$lName=$lRow["user_name"];
					$lEmail=$lRow["user_email"];
					$lPassPlain=$lRow["user_pass_plain"];
					$lVerifyCode=$lRow["user_verify_code"];
					
					if ($lVerifyCode && $lName && $lEmail)
					{
						$lNewUserVerifyArray=array("$lName","$lEmail","$lPassPlain","$set_sitename","".getRemoteIp()."","http://$set_url/member_login.php","http://$set_url/verify.php?verify=$lVerifyCode");
						$lSubject = formatString(getLangString($set_language,"LA_MAIL_VAL_SUBJECT"), $lNewUserVerifyArray);
						$lBody = formatString(getLangString($set_language,"LA_MAIL_VAL_BODY"), $lNewUserVerifyArray);
						sendEmail($lEmail, $set_webmaster_address, $lSubject, $lBody);
						//$msg="<p>&nbsp;</p>".LA_VALIDATION_CODE_RESENT;
					}
					else 
						echo "ERROR";
									
					
					
				}
				
				
			}
		
		}
		else
			$errorMsg.= "<p class=red>".LA_ERROR_MSG21."</p>";
			

			
 	}
 }
 if (empty($errorMsg))
 	$tplMyItems->assign("email_change",1);
 else
 	$tplMyItems->assign("email_change","$errorMsg");
}
$result = q("select * from $usr_tbl where user_id =$user_id");
$row = mysql_fetch_array($result);
$userid = $row["user_id"];
$name =$row["user_name"];
$email = $row["user_email"];
$vendor_url = $row["user_vendor_url"];
$vendor_homepage = $row["user_vendor_homepage"];
$is_vendor = $row["user_is_vendor"];
$registered  = $row["user_date"];
$num_ads = $row["user_num_ads"];
$hide_email = $row["user_hide_email"];
$emelding = $row["user_newsletter"];
$credits = $row["user_credits"];
$months = $row["months"];




if (isset($_GET["delete_me"]))
{
	if ($_SESSION["valid_user"]==$userid)
	{
		if (getParam("confirmed","")==1)
		{
			delete_user($userid);
			$tplMyItems->assign("user_deleted",1);
			session_unregister("valid_user");
			session_destroy();
		}
		else 
		{
			$tplMyItems->assign("please_confirm",1);
		}
	}
}

//if ($set_vendor AND $is_vendor AND $vendor_url)
	//echo "<p><a href='$vendor_homepage' target='new'><img src='$vendor_url' border=0></a></p>";

$tplMyItems->assign("IS_VENDOR","$is_vendor");
$tplMyItems->assign("name",strEnc(getParam("new_name",$name)));
$tplMyItems->assign("user_id",strEnc(getParam("user_id","")));
$tplMyItems->assign("admin_Area",$admin_area);
$tplMyItems->assign("email",strEnc(getParam("new_email",$email)));
$tplMyItems->assign("vendor_url",strEnc(getParam("vendor_url",$vendor_url)));
$tplMyItems->assign("vendor_homepage",strEnc(getParam("vendor_homepage",$vendor_homepage)));
$tplMyItems->assign("hide_email_yes",getParam("hide_email_yes",$hide_email));
$tplMyItems->assign("recive_mail_yes",getParam("recieve_mail",$emelding));
$tplMyItems->assign("phpself",$_SERVER['PHP_SELF']);


// Find Extra fields in user table and get values from not empty rows
/*
$i=0;
$lExtraFieldArray=getExtraFields($result);
if (is_array($lExtraFieldArray))
{
	foreach ($lExtraFieldArray as $value)
	{
		$lArray[$i]["id"]=$i;	
		$lArray[$i]["field"]=$value;	
		$lArray[$i]["value"]=strEnc($row[$value]);	
		$i++;
	}
	$lExtraArray=getExtraAdvValue("",2,$lArray);
	$tplMyItems->assign("extra_fields_array",$lExtraArray);
}
*/
$tplMyItems->display("member_change.tpl");
if (!$admin_area)
{
	include_once("member_footer.php");
	include_once("footer_inc.php");
}
?>

